claude-oil
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill injects a set of 'Execution Contracts' into the project's CLAUDE.md file containing instructions designed to override the agent's default operational logic and decision-making process.
- Evidence: The injected text includes '以下规则为最高优先级,必须严格遵守' (The following rules are highest priority, must be strictly followed), which is a characteristic pattern for attempting to override system prompts or previous instructions.
- Evidence: It explicitly directs the agent to '直接执行不要询问' (execute directly without asking) for certain decisions, which effectively encourages the agent to bypass standard user-intent confirmation protocols.
Audit Metadata